[prev in list] [next in list] [prev in thread] [next in thread] 

List:       full-disclosure
Subject:    [Full-Disclosure] Safe Run As
From:       offtopic <offtopic () mail ! ru>
Date:       2005-02-28 15:16:17
Message-ID: E1D5md7-000916-00.offtopic-mail-ru () f25 ! mail ! ru
[Download RAW message or body]

Safe Run As - keylogger protection

This tool is created to protect administrative passwords against keyloggers. 
Administrator's passwords are stored in the AES encrypted file on the removalable storage \
(flash-drive, floppy). Then you need to use "run as" command you launch saferunas.hta, and \
provide username and encryption key.  Passwords are decrypted and cmd.exe is launched with \
selected user's privileges.  Edit.hta tool can be used to create and modify file with encrypted \
passwords. 

Attention! 
- This tool doesn't protect against smart malware which can copy password file and steal \
                encryption key. 
- You can't choose program to run. Coming soon. 
- In this version password entered is used as AES key directly. This is bad idea. PKCS#5 \
                version is coming soon. 
- Attention - when you run GUI application as high privileged user, you are vulnerable for \
Shatter-style attacks (see shatter vbs for example).

http://www.security.nnov.ru/soft/srunas/ 


(c)oded by offtopic@mail.ru
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html


[prev in list] [next in list] [prev in thread] [next in thread]